again for some time.
.It Ic keepenv
The user's environment is maintained.
-The default is to reset the environment, except for the variables
-.Ev DISPLAY ,
+The default is to retain the variables
+.Ev DISPLAY
+and
+.Ev TERM
+from the invoking process, reset
.Ev HOME ,
.Ev LOGNAME ,
-.Ev MAIL ,
.Ev PATH ,
-.Ev TERM ,
-.Ev USER
+.Ev SHELL ,
and
-.Ev USERNAME .
+.Ev USER
+as appropriate for the target user, and discard the rest of the environment.
.It Ic setenv { Oo Ar variable ... Oc Oo Ar variable=value ... Oc Ic }
In addition to the variables mentioned above, keep the space-separated
specified variables.
is a
.Ql $
then the value to be set is taken from the existing environment
-variable of the same name.
+variable of the indicated name.
.El
.It Ar identity
The username to match.
If quotes or backslashes are used in a word,
it isn't considered a keyword.
.El
+.Sh FILES
+.Bl -tag -width "/etc/doas.conf"
+.It Pa /etc/doas.conf
+doas configuration file.
+.El
.Sh EXAMPLES
-The following example permits users in group wsrc to build ports;
-wheel to execute commands as any user while keeping the environment
+The following example permits user aja to install packages
+from a preferred mirror;
+group wheel to execute commands as any user while keeping the environment
variables
.Ev PS1
and
permits tedu to run procmap as root without a password;
and additionally permits root to run unrestricted commands as itself.
.Bd -literal -offset indent
-# Non-exhaustive list of variables needed to
-# build release(8) and ports(7)
-permit nopass setenv { \e
- FTPMODE PKG_CACHE PKG_PATH SM_PATH SSH_AUTH_SOCK \e
- DESTDIR DISTDIR FETCH_CMD FLAVOR GROUP MAKE MAKECONF \e
- MULTI_PACKAGES NOMAN OKAY_FILES OWNER PKG_DBDIR \e
- PKG_DESTDIR PKG_TMPDIR PORTSDIR RELEASEDIR SHARED_ONLY \e
- SUBPACKAGE WRKOBJDIR SUDO_PORT_V1 } :wsrc
+permit persist setenv { PKG_CACHE PKG_PATH } aja cmd pkg_add
permit setenv { -ENV PS1=$DOAS_PS1 SSH_AUTH_SOCK } :wheel
permit nopass tedu as root cmd /usr/sbin/procmap
.Ed
projects / opendoas.git / blobdiff